[OpenWrt-Devel] [PATCH] luci:miniupnpd Fix enabled/disabled behaviour on first boot/upgrade
Kevin Darbyshire-Bryant
kevin at darbyshire-bryant.me.uk
Sat Apr 25 05:46:01 EDT 2015
On 25/04/2015 10:00, Hannu Nyman wrote:
> > miniupnpd service was always disabled after firmware upgrade. Original luci default logic was 'enable miniupnpd and if that succeeds, stop and then disable the service'. It should be 'enable miniupnpd and if that fails, stop & disable the service'.
>
> You got the original script's logic wrong, as you mixed "enable" and "enabled".
> "enable" activates the service, while "enabled" is just a query if the service is active.
> /etc/rc.common defines both of them.
>
> The logic is: query if miniupnpd is active, and if yes, then stop and disable it.
>
> The feature has originally been added as a security feature to luci-app-upnp. But why it is set in luci, not in the actual miniupnpd package in the routing repo?
>
> It originates from 2008: https://github.com/openwrt/luci/commit/66fa0eb0e8e206d26e16615941c60b22b5004649
> modified in 2011: https://github.com/openwrt/luci/commit/6811edb3d9fe289190fbc7337d372027a655daf8
Ah, ok. Ooops! Another cr*p patch from me then, that makes it 2 out of 2 so far. 3rd time lucky maybe :-)
This feature/behaviour has had me confused for quite some time. Personally I really don't like this behaviour.
I can sort of see an argument for security, but if I've installed the service and enabled it then I'd kind of like it to
stick around after an upgrade, like all of my other possibly insecure config file settings do.
Would I be correct in thinking that this behaviour only occurs if you have the luci-upnp module installed as well?
Is the same thing done for other services like Transmission/asterisk etc?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4791 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20150425/26370c45/attachment.p7s>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list